I was looking around the forum, noticed a lot of people have a lot of security certifications. I was wondering, which course would one of you guys suggest that covers the topic of Exploit Development fairly well (like to a point where you see a demonstration, cover it, and can go through the steps on your own time in exploiting applications)? The CPTS, CPTE, OSCP, CEH, etc.? If the course covers it barely & you'd suggest a book, go ahead and name it, I'm listening! Thanks in advance.

The first two papers will give you enough to start writing stack-based buffer overflows. The others cover more advanced topics and can be read roughly in the order that I listed them (the better your background in programming and operating systems, the more you can jump around).

The first edition of Shellcoder's Handbook was co-written by Jack Koziol of InfoSec Institute. This is the textbook they use for the CEPT which will tell you what to expect from the CEPT course.

There is a second edition which does not include the efforts of Jack. They still use version one for the class. Take that for what you will as I have not done a side-by-side comparison of the 2. Anyone?!?!

As for SANS, the exploit dev course is new but is really starting to round out their ethical hacking / pen testing offerings. They are really making a big push in this area.

Kris, none of the courses goes into too much depth. However, the OSCP: BackTrack to the Track should cover this in detail. In the first OSCP course, this is also covered and you have to understand how exploits work, writing your own, etc. The course isn't entirely focused on developing exploits but you have to know how to write your own + a little light fuzzing. SANS also recently introduced a new course (709) dedicated to exploit development - http://www.ethicalhacker.net/component/ ... picseen,1/

The CEPT is 3 out of the 5 days exploit development..... The test at the end is also exploit development and reverse engineering; in order to pass you have to find and write exploits for the software services provided to you and reverse the crackme they give you..... So you will be fuzzing and exploiting buffers, heaps and format strings for 30 days after you are done with the class....

This cert also requires a 50 question test, which means nothing because it's easy... The course itself, taught by Jack, is a great course and you will learn loads. Just make sure you go into the course with good Linux skills, also having tried to read the Shellcoder's Handbook chapters on Linux and Windows overflows and heap overflows before the class... Oh yea, and format string vulnerabilities. It also wouldn't hurt to go through a few reversing tutorials as well.... "Reversing with Lena" is a good series for that.... Just the first few will get you up to speed with Windows reversing techniques....

As far as books go, "Shellcoder's Handbook" is a must; also "The Art of Exploitation" covers the topic in less detail and might be more digestible for someone new to the subject..

The second rendition of the Shellcoder's Handbook just corrected some incorrect diagrams, for example the memory one in the Linux chapter, which they had upside down, and I believe added some other chapters or content not relevant to what you would learn in the course... i.e. the Windows and Linux exploitation.

I took this class and passed the certification. I would suggest you take this certification and the OSCP certification as far as real world knowledge and acquiring skills while at the same time getting a certification.... All the other certs are mostly fluff or general knowledge for your resume so the HR dept of a business flags you for an interview.... Don't get me wrong, CISSP will get you an interview, but stuff like the CEH I didn't find beneficial on any level at all....

Ficti0n....

Last edited by ficti0n on Mon Mar 23, 2009 2:20 pm, edited 1 time in total.

ummm, The Art of Exploitation kind of glosses over C; I don't remember it being too C or ASM intensive though..... Just as long as you have an understanding of programming concepts and the basics of how a small ASM program works you will be fine... Shellcoder's Handbook is more intensive.... I have to say before that class I understood about 60% of Shellcoder's Handbook and after the class I read through and understood about 90% of the Shellcoder's book...

A good place to start understanding ASM for me was looking at that old, old book on building viruses.... "Little Book of Computer Viruses" it might have been called? I read through that at the same time as a Linux ASM book and I started understanding the stuff way more...